Security May 2016

1.

2 points

Which legislative compliance talks about protecting personal information?

Data Protection Act

IT Act

Computer Misuse Act

None of the above

2.

1 point

What are the types of Threats?

Malware

External attacks (Hackers)

Insiders (Social Engineering)

All the above

3.

3 points

Which are the main categories for security controls?

Physical

Procedural

Technical

Regional

None of the above

4.

3 points

Which of the below are Procedural Security Controls

Clear Desk/ Clear Screen

Security Policies

Manned Security Guarding

Staff Security Clearance

5.

2 points

Data and information of a highly sensitive nature classified as __________or higher will be
transmitted and stored if necessary in encrypted form.

Sensitive

Official Sensitive

Transmission Sensitive

6.

2 points

Which of the below common mistakes need to be avoided:

Writing passwords on notebooks

Leaving the computer unattended

Open email attachments from strangers

All the above

7.

1 point

As per SSCL – Leave policy, you are entitled to:

20 Earned casual leaves and 5 leaves, 5 maternity leaves.

18 Earned leaves, 10 Holidays and 7 casual leaves

24 Earned leaves, 7 sick leaves and 5 paternity leaves

18 Earned leaves, 7 casual leaves

8.

1 point

What is the full form of BGV?

9.

1 point

Why do we need Information security?

Sopra Steria policy

Global Requirement

To protect sensitive information of client & adhere to legislative compliance

Contractual Requirement

10.

2 points

Which of below is NOT part of SSCL’s Vision?

Customer Focused

Continually Improving

Respectful

NPS

11.

1 point

Compliance for SSCL India falls under which of the below certification:

ISO27001

ISO9001

ISO18001

None of the above

12.

2 points

PDI stands for?

Performance Development Interview

Process Development Interview

Personal Development Interview

Process Development Interview

13.

1 point

To whom we should refer any sensitive information?

Line Manager

Operational Security Manager

SSCL Security Team

14.

1 point

Which of the following verification needs to be completed before working on SSCL project:

Identity

Employment History

Nationality and Immigration process

Criminal record check.

All of the above

15.

3 points

Select from the below list the Record Requirements:

Managed by controls covering storage, protection, retrieval, retention time and disposition

Retrievable

Legible and readily identifiable

16.

1 point

What is not the Rules of Good Information handling:

Processed for unlimited purpose

Processed accurately

Not kept for longer than is necessary

Processed in line with the data subject’s rights

17.

1 point

Who is the Chief Operating Officer for SSCL?

Jeanette Smith

Clare Edwards

Chris Ashburn

None Of the Above

18.

1 point

Who is the CEO of SSCL

John Neilson

Chris Ashburn

Steven Covey

Jeanette Smith

19.

1 point

Who is the Security Manager for Pune SSCL?

Rajneesh Verma

Vrushali Jadhav

Jagjeet Singh

Sandeep Naynak

20.

1 point

Recording of SSCL information must not be on approved SSCL A4 sheets or SSCL notepads

False

True

21.

2 points

The set of instructions that tells the computer what to do is

Softcopy

Software

Hardware

Hardcopy

22.

2 points

BPSS stands for

Baseline Professional Security Scheme

Baseline Personnel Security Standard

Baseline Personal Security System

23.

1 point

You receive an email with an attachment written as Top secret. What would you do?

Forward it to your colleagues

Inform the available lead

Ignore the email

Delete the email

24.

2 points

For which clients the logo is same?

Department of Work and Pensions

Ministry of Justice

Department of Environment Food & Rural Affairs

All the above

25.

2 points

What should be done for all the internal hard disks of all laptops, and of desktops which are used outside secure locations and hold information classified as In Confidence?

Encrypted using the Sopra Steria standard whole disk encryption solution

Encrypted using the Sopra Steria standard encryption solution.

26.

4 points

Select from the below list the Retention Principles:

Potential need not to use the records as evidence in legal proceedings

The period in which there is regular reference to the records

Customer requirements - we must keep all records in accordance with customer or consumer of end user services requirements

First and foremost, legal and regulatory requirements must be complied with

Potential needs of third parties, for example, auditors or tax inspectors

27.

3 points

As per password management

The password should be easily guessed words so that you remember it.

The password should not be written down anywhere

Password should be changed if you suspect it has been compromised.

Password can be shared only with the manager

28.

1 point

The monitoring of adherence to requirements is managed through an

Information Security Management System

Government Security Classification Scheme

ISO27001

29.

1 point

Which one of below is NOT part of SSCL location?

Blackpool

New Castle

Wales

Newport

30.

1 point

Any employee is entitled to annual leaves from the day she/he joins.

False

True